<?php

/**
 * 对微信小程序用户加密数据的解密示例代码.
 *
 * @copyright Copyright (c) 1998-2014 Tencent Inc.
 */
namespace app\helper;

use Exception;

class BizCrypt
{
    private $appid;
	// private $sesskey;
	private $code = [
		'IllegalAesKey' => 41001,
		'IllegalIv' => 41002,
		'IllegalBuffer' => 41003,
		'DecodeBase64Error' => 41004
	];

	/**
	 * 构造函数
	 */
	public function __construct()
	{
		// $this->sesskey = session('weapp_session_key');
		$this->appid = config('wechat.mini.app_id');
	}


	/**
	 * 检验数据的真实性，并且获取解密后的明文.
	 * @param $encryptedData string 加密的用户数据
	 * @param $iv string 与用户数据一同返回的初始向量
	 * @param $data string 解密后的原文
     *
	 * @return int 成功0，失败返回对应的错误码
	 */
	public function decode(string $data, string $sesskey, string $iv)
	{
		if (strlen($sesskey) != 24) {
			throw new Exception('Illegal AesKey', $this->code['IllegalAesKey']);
		}
		$aesKey=base64_decode($sesskey);

		if (strlen($iv) != 24) {
			throw new Exception('Illegal Iv', $this->code['IllegalIv']);
		}
		$aesIV=base64_decode($iv);

		$aesCipher=base64_decode($data);

		$result=openssl_decrypt( $aesCipher, "AES-128-CBC", $aesKey, 1, $aesIV);
		$dataObj=json_decode($result);
		if($dataObj == NULL || $dataObj->watermark->appid != $this->appid)
		{
			throw new Exception('Illegal Buffer', $this->code['IllegalBuffer']);
		}

		return (array) $dataObj;
	}

}

